<!DOCTYPE html>
<html>

<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
	<meta name="theme-color" content="#33474d">
	<title>Linux 命令- telnet | 失落的乐章</title>
	<link rel="stylesheet" href="/css/style.css" />
	
      <link rel="alternate" href="/atom.xml" title="失落的乐章" type="application/atom+xml">
    
</head>

<body>

	<header class="header">
		<nav class="header__nav">
			
				<a href="/archives" class="header__link">Archive</a>
			
				<a href="/tags" class="header__link">Tags</a>
			
				<a href="/atom.xml" class="header__link">RSS</a>
			
		</nav>
		<h1 class="header__title"><a href="/">失落的乐章</a></h1>
		<h2 class="header__subtitle">技术面前，永远都是学生。</h2>
	</header>

	<main>
		<article>
	
		<h1>Linux 命令- telnet</h1>
	
	<div class="article__infos">
		<span class="article__date">2017-10-12</span><br />
		
		
			<span class="article__tags">
			  	<a class="article__tag-link" href="/tags/Linux命令/">Linux命令</a>
			</span>
		
	</div>

	

	
		<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;telnet命令通常用来远程登录。telnet程序是基于TELNET协议的远程登录客户端程序。Telnet协议是TCP/IP协议族中的一员，是Internet远程登陆服务的标准协议和主要方式。它为用户提供了在本地计算机上完成远程主机工作的 能力。在终端使用者的电脑上使用telnet程序，用它连接到服务器。终端使用者可以在telnet程序中输入命令，这些命令会在服务器上运行，就像直接在服务器的控制台上输入一样。可以在本地就能控制服务器。要开始一个 telnet会话，必须输入用户名和密码来登录服务器。Telnet是常用的远程控制Web服务器的方法。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;但是，telnet因为采用明文传送报文，安全性不好，很多Linux服务器都不开放telnet服务，而改用更安全的ssh方式了。但仍然有很多别的系统可能采用了telnet方式来提供远程登录，因此弄清楚telnet客户端的使用方式仍是很有必要的。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;telnet命令还可做别的用途，比如确定远程服务的状态，比如确定远程服务器的某个端口是否能访问。</p>
<h2 id="1．命令格式"><a href="#1．命令格式" class="headerlink" title="1．命令格式"></a>1．命令格式</h2><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">telnet [参数] [主机]</div></pre></td></tr></table></figure>
<h2 id="2．命令功能"><a href="#2．命令功能" class="headerlink" title="2．命令功能"></a>2．命令功能</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行telnet指令开启终端机阶段作业，并登入远端主机。</p>
<h2 id="3．命令参数"><a href="#3．命令参数" class="headerlink" title="3．命令参数"></a>3．命令参数</h2><ul>
<li>-8 允许使用8位字符资料，包括输入与输出。</li>
<li>-a 尝试自动登入远端系统。</li>
<li>-b&lt;主机别名&gt; 使用别名指定远端主机名称。</li>
<li>-c 不读取用户专属目录里的.telnetrc文件。</li>
<li>-d 启动排错模式。</li>
<li>-e&lt;脱离字符&gt; 设置脱离字符。</li>
<li>-E 滤除脱离字符。</li>
<li>-f 此参数的效果和指定”-F”参数相同。</li>
<li>-F 使用Kerberos V5认证时，加上此参数可把本地主机的认证数据上传到远端主机。</li>
<li>-k&lt;域名&gt; 使用Kerberos认证时，加上此参数让远端主机采用指定的领域名，而非该主机的域名。</li>
<li>-K 不自动登入远端主机。</li>
<li>-l&lt;用户名称&gt; 指定要登入远端主机的用户名称。</li>
<li>-L 允许输出8位字符资料。</li>
<li>-n&lt;记录文件&gt; 指定文件记录相关信息。</li>
<li>-r 使用类似rlogin指令的用户界面。</li>
<li>-S&lt;服务类型&gt; 设置telnet连线所需的IP TOS信息。</li>
<li>-x 假设主机有支持数据加密的功能，就使用它。</li>
<li>-X&lt;认证形态&gt; 关闭指定的认证形态。</li>
</ul>
<h2 id="4．使用实例"><a href="#4．使用实例" class="headerlink" title="4．使用实例"></a>4．使用实例</h2><h3 id="实例1：远程服务器无法访问"><a href="#实例1：远程服务器无法访问" class="headerlink" title="实例1：远程服务器无法访问"></a>实例1：远程服务器无法访问</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>命令</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">telnet 192.168.120.206</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>输出</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line">[root@localhost ~]<span class="comment"># telnet 192.168.120.209</span></div><div class="line">Trying 192.168.120.209...</div><div class="line">telnet: connect to address 192.168.120.209: No route to host</div><div class="line">telnet: Unable to connect to remote host: No route to host</div><div class="line">[root@localhost ~]<span class="comment">#</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>说明</strong></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;处理这种情况方法：</p>
<ol>
<li>确认ip地址是否正确？</li>
<li>确认ip地址对应的主机是否已经开机？</li>
<li>如果主机已经启动，确认路由设置是否设置正确？（使用route命令查看）</li>
<li>如果主机已经启动，确认主机上是否开启了telnet服务？（使用netstat命令查看，TCP的23端口是否有LISTEN状态的行）</li>
<li>如果主机已经启动telnet服务，确认防火墙是否放开了23端口的访问？（使用iptables-save查看）</li>
</ol>
<h2 id="实例2：域名无法解析"><a href="#实例2：域名无法解析" class="headerlink" title="实例2：域名无法解析"></a>实例2：域名无法解析</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>命令</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">telnet www.baidu.com</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>输出</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@localhost ~]<span class="comment"># telnet www.baidu.com</span></div><div class="line">www.baidu.com/telnet: Temporary failure <span class="keyword">in</span> name resolution</div><div class="line">[root@localhost ~]<span class="comment">#</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>说明</strong></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;处理这种情况方法：</p>
<ol>
<li>确认域名是否正确</li>
<li>确认本机的域名解析有关的设置是否正确（/etc/resolv.conf中nameserver的设置是否正确，如果没有，可以使用nameserver 8.8.8.8）</li>
<li>确认防火墙是否放开了UDP53端口的访问（DNS使用UDP协议，端口53，使用iptables-save查看）</li>
</ol>
<h3 id="实例3：拒绝访问"><a href="#实例3：拒绝访问" class="headerlink" title="实例3：拒绝访问"></a>实例3：拒绝访问</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>输出</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line">[root@localhost ~]<span class="comment"># telnet 192.168.120.206</span></div><div class="line">Trying 192.168.120.206...</div><div class="line">telnet: connect to address 192.168.120.206: Connection refused</div><div class="line">telnet: Unable to connect to remote host: Connection refused</div><div class="line">[root@localhost ~]<span class="comment">#</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>说明</strong></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;处理这种情况：</p>
<ol>
<li>确认ip地址或者主机名是否正确？</li>
<li>确认端口是否正确，是否默认的23端口</li>
</ol>
<h3 id="实例4：启动telnet服务"><a href="#实例4：启动telnet服务" class="headerlink" title="实例4：启动telnet服务"></a>实例4：启动telnet服务</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>命令</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">service xinetd restart</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>输出</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div></pre></td><td class="code"><pre><div class="line">[root@localhost ~]<span class="comment"># cd /etc/xinetd.d/</span></div><div class="line">[root@localhost xinetd.d]<span class="comment"># ll</span></div><div class="line">总计 124</div><div class="line">-rw-r--r-- 1 root root 1157 2011-05-31 chargen-dgram</div><div class="line">-rw-r--r-- 1 root root 1159 2011-05-31 chargen-stream</div><div class="line">-rw-r--r-- 1 root root  523 2009-09-04 cvs</div><div class="line">-rw-r--r-- 1 root root 1157 2011-05-31 daytime-dgram</div><div class="line">-rw-r--r-- 1 root root 1159 2011-05-31 daytime-stream</div><div class="line">-rw-r--r-- 1 root root 1157 2011-05-31 discard-dgram</div><div class="line">-rw-r--r-- 1 root root 1159 2011-05-31 discard-stream</div><div class="line">-rw-r--r-- 1 root root 1148 2011-05-31 <span class="built_in">echo</span>-dgram</div><div class="line">-rw-r--r-- 1 root root 1150 2011-05-31 <span class="built_in">echo</span>-stream</div><div class="line">-rw-r--r-- 1 root root  323 2004-09-09 eklogin</div><div class="line">-rw-r--r-- 1 root root  347 2005-09-06 ekrb5-telnet</div><div class="line">-rw-r--r-- 1 root root  326 2004-09-09 gssftp</div><div class="line">-rw-r--r-- 1 root root  310 2004-09-09 klogin</div><div class="line">-rw-r--r-- 1 root root  323 2004-09-09 krb5-telnet</div><div class="line">-rw-r--r-- 1 root root  308 2004-09-09 kshell</div><div class="line">-rw-r--r-- 1 root root  317 2004-09-09 rsync</div><div class="line">-rw-r--r-- 1 root root 1212 2011-05-31 tcpmux-server</div><div class="line">-rw-r--r-- 1 root root 1149 2011-05-31 time-dgram</div><div class="line">-rw-r--r-- 1 root root 1150 2011-05-31 time-stream</div><div class="line">[root@localhost xinetd.d]<span class="comment"># cat krb5-telnet </span></div><div class="line"><span class="comment"># default: off</span></div><div class="line"><span class="comment"># description: The kerberized telnet server accepts normal telnet sessions, \</span></div><div class="line"><span class="comment">#              but can also use Kerberos 5 authentication.</span></div><div class="line">service telnet</div><div class="line">&#123;</div><div class="line">        flags           = REUSE</div><div class="line">        socket_type     = stream        </div><div class="line">        <span class="built_in">wait</span>            = no</div><div class="line">        user            = root</div><div class="line">        server          = /usr/kerberos/sbin/telnetd</div><div class="line">        log_on_failure  += USERID</div><div class="line">        <span class="built_in">disable</span>         = yes</div><div class="line">&#125;</div><div class="line">[root@localhost xinetd.d]<span class="comment">#</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>说明</strong></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>配置参数，通常的配置如下：</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div></pre></td><td class="code"><pre><div class="line">service telnet </div><div class="line">&#123; </div><div class="line"><span class="built_in">disable</span> = no <span class="comment">#启用 </span></div><div class="line">flags = REUSE <span class="comment">#socket可重用 </span></div><div class="line">socket_type = stream <span class="comment">#连接方式为TCP </span></div><div class="line"><span class="built_in">wait</span> = no <span class="comment">#为每个请求启动一个进程 </span></div><div class="line">user = root <span class="comment">#启动服务的用户为root </span></div><div class="line">server = /usr/sbin/in.telnetd <span class="comment">#要激活的进程 </span></div><div class="line">log_on_failure += USERID <span class="comment">#登录失败时记录登录用户名 </span></div><div class="line">&#125; </div><div class="line">如果要配置允许登录的客户端列表，加入 </div><div class="line">only_from = 192.168.0.2 <span class="comment">#只允许192.168.0.2登录 </span></div><div class="line">如果要配置禁止登录的客户端列表，加入 </div><div class="line">no_access = 192.168.0.&#123;2,3,4&#125; <span class="comment">#禁止192.168.0.2、192.168.0.3、192.168.0.4登录 </span></div><div class="line">如果要设置开放时段，加入 </div><div class="line">access_times = 9:00-12:00 13:00-17:00 <span class="comment"># 每天只有这两个时段开放服务（我们的上班时间：P） </span></div><div class="line">如果你有两个IP地址，一个是私网的IP地址如192.168.0.2，一个是公网的IP地址如218.75.74.83，如果你希望用户只能从私网来登录telnet服务，那么加入 </div><div class="line"><span class="built_in">bind</span> = 192.168.0.2 </div><div class="line">各配置项具体的含义和语法可参考xined配置文件属性说明（man xinetd.conf） </div><div class="line">配置端口，修改services文件：</div><div class="line"><span class="comment"># vi /etc/services </span></div><div class="line">找到以下两句 </div><div class="line">telnet 23/tcp </div><div class="line">telnet 23/udp </div><div class="line">如果前面有<span class="comment">#字符，就去掉它。telnet的默认端口是23，这个端口也是黑客端口扫描的主要对象，因此最好将这个端口修改掉，修改的方法很简单，就是将23这个数字修改掉，改成大一点的数字，比如61123。注意，1024以下的端口号是internet保留的端口号，因此最好不要用，还应该注意不要与其它服务的端口冲突。 </span></div><div class="line">启动服务：</div><div class="line">service xinetd restart</div></pre></td></tr></table></figure>
<h3 id="实例5：正常telnet"><a href="#实例5：正常telnet" class="headerlink" title="实例5：正常telnet"></a>实例5：正常telnet</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>命令</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">telnet 192.168.120.204</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>输出</strong></p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@andy ~]<span class="comment"># telnet 192.168.120.204</span></div><div class="line">Trying 192.168.120.204...</div><div class="line">Connected to 192.168.120.204 (192.168.120.204).</div><div class="line">Escape character is <span class="string">'^]'</span>.</div><div class="line"></div><div class="line">    localhost (Linux release 2.6.18-274.18.1.el5 <span class="comment">#1 SMP Thu Feb 9 12:45:44 EST 2012) (1)</span></div><div class="line"></div><div class="line">login: root</div><div class="line">Password: </div><div class="line">Login incorrect</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<strong>说明</strong></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;一般情况下不允许root从远程登录，可以先用普通账号登录，然后再用su -切到root用户。</p>

	

	
		<span class="different-posts"><a href="/2017/10/12/2. Linux 命令/60. Linux 命令- telnet/" onclick="window.history.go(-1); return false;">⬅️ Go back </a></span>

	

</article>

	</main>

	<footer class="footer">
	<div class="footer-content">
		
	      <div class="footer__element">
	<p>Hi there, <br />welcome to my Blog glad you found it. Have a look around, will you?</p>
</div>

	    
	      <div class="footer__element">
	<h5>Check out</h5>
	<ul class="footer-links">
		<li class="footer-links__link"><a href="/archives">Archive</a></li>
		
		  <li class="footer-links__link"><a href="/atom.xml">RSS</a></li>
	    
		<li class="footer-links__link"><a href="/about">about page</a></li>
		<li class="footer-links__link"><a href="/tags">Tags</a></li>
		<li class="footer-links__link"><a href="/categories">Categories</a></li>
	</ul>
</div>

	    

		<div class="footer-credit">
			<span>© 2017 失落的乐章 | Powered by <a href="https://hexo.io/">Hexo</a> | Theme <a href="https://github.com/HoverBaum/meilidu-hexo">MeiliDu</a></span>
		</div>

	</div>


</footer>



</body>

</html>
